No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

File Access and Protocols Feature Guide 11

OceanStor 18500 V3 and 18800 V3 Mission Critical Storage System V300R003

This document describes the implementation principles and application scenarios of the NAS feature. Also, it explains how to configure and manage NAS.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Planning a CIFS Share

Planning a CIFS Share

Planning a CIFS share helps facilitate the follow-up service configuration. The following items need to be planned: networks, domains, authentication modes, sharing modes, users, user groups, and permissions.

Table 3-2 lists the required preparation items.
Table 3-2  CIFS share planning

Planned Item

Subitem

Requirement

Example

Network

IP address of the storage system

The storage system uses logical port (LIFa) to provide shared space for a client.

172.16.128.10

IP address of the access client.

The access client and storage system are accessible, and they can ping each other.

192.168.0.10

IP address of the maintenance terminal

The maintenance terminal and storage system are accessible, and they can ping each other.

192.168.128.10

(Optional) AD domain.

In an AD domain, IP addresses and host names of the AD domain server and DNS server must be configured. All those servers and the storage system must reside on the same network, and they can ping each other.

AD server

172.16.128.115

Domain environment

AD domain or non-domain environment.

Configure an AD domain or non-domain environment based on onsite requirements. The advantages of the AD domain and non-domain environments are described as follows:
  • AD domain: The storage system can be seamlessly integrated with the AD domain. Domain users can directly access the shared space, and no local users need to be created.
    NOTE:

    When adding a storage system to a domain, you must connect master controller of the storage system to the domain controller.

  • Non-domain: No domain environments need to be set up.

AD domain

Authentication mode

Local, domain, or global authentication.

Configure an authentication mode based on the domain environment (AD domain or non-domain environment).
  • Local authentication: Local user are used to validate the accounts identity.
  • Domain authentication: Domain servers are used to validate the user identity.
  • Global authentication: Local authentication is used first. If local authentication is not passed, domain authentication is used.

Global authentication

Share mode

CIFS share.

In CIFS share mode, a file system or its quota treeb is shared among authentication users including local authentication users and domain authentication users. Users have their permissions set by storage system for accessing CIFS shares.

CIFS share

Homedir.

In Homedir share mode, a file system is shared to a specific user as an exclusive directory. The user can only access the exclusive directory named after its user name.

-

User

-

Local authentication user or domain user.

user1

User group

-

Local authentication user group or domain user group.

default_group

Permission

Permission of a user or user group to access a share.

Set a user's permission to access a CIFS share. Possible permissions are:
  • Read-only: The user can only read the CIFS share.
  • Read-write: The user can read and write the CIFS share.
  • Full control: The user has full permission for the CIFS share.
  • Forbidden: The user is forbidden to access the CIFS share.

Read-only

a: A LIF is a logical port created on the physical port, bond port, and VLAN. Each LIF corresponds to an IP address.

b: Quota tree refers to the quota tree and is a special directory of the file system. You can set a directory quota on the quota tree to manage the space used by all files under the directory.

NOTE:

By default, the storage system uses port 445 to provide the CIFS share service (port 139 is not supported) for external devices. Therefore, in a scenario where a firewall is deployed, port 445 must be enabled for clients.

Translation
Download
Updated: 2018-07-19

Document ID: EDOC1000084098

Views: 24752

Downloads: 72

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next